Midwest Marketing (display_products.php) Blind SQL Vulnerability

Exploit for php platform in category web applications Exploit Title: Midwest Marketing displayproducts.php Blind SQL Vulnerability Date: 12-11-2012 Author: ShinoBi-Dz E-mail : email protected Facebook : https://www.facebook.com/shinobi.DZz Category: webapps Google dork: "Designed by Midwest...

WordPress Calendar-Script Blind SQL Injection

Exploit Title: Wordpress Calendar-Script Plugin Blind SQL Injection Vulnerability Google Dork: inurl:"/Calendar-Script/load.php?cid=1" or "intext:Copyright phpcalendarscripts.com ©" Exploit Author: Ashiyane Digital Security Team Vendor Homepage: http://phpcalendarscripts.com/ Tested on: Windows 7...

NetOffice Dwins 1.4p3 - SQL Injection

NetOffice Dwins 1.4p3 - SQL Injection :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-11-08 netOffice Dwins openWorkHours$tmpquery; //5 SQL ..cut...

vam shop 1.69 - Multiple Vulnerabilities

vam shop 1.69 - Multiple Vulnerabilities Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability...

VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...

WordPress Easy Webinar Plugin - Blind SQL Injection

Easy Webinar plugin is prone to a Blind SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

WordPress Plugin Easy Webinar - Blind SQL Injection

Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Vendor Homepage: www.easywebinarplugin.com Date: 10/26/2012 Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: wid= Google Dork: allinurl: get-widget.php?wid=...

Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Vendor Homepage: www.easywebinarplugin.com Date: 10/26/2012 Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters...

Inout Article Base Ultimate SQL Injection / CSRF

============================================================================== Vulnerable Software: Inout Article Base Ultimate Version: getSubcategoryList$cid; $this-loadLibrary"settings"; $set=new settings"nesoteinoutarticlesettings"; $set-loadValues; $showarticles=$set-getValue"show...

Symphony CMS 2.3 - Multiple Vulnerabilities

Symphony CMS 2.3 - Multiple Vulnerabilities Symphony cms 2.3 multiple vulnerabilities -------------------------------------------------------------------------------------------- 20121017 - Justanotherhacker.com : Symphony cms - Multiple vulnerabilities JAHx122 -...

Symphony CMS 2.3 - Multiple Vulnerabilities

Symphony cms 2.3 multiple vulnerabilities -------------------------------------------------------------------------------------------- 20121017 - Justanotherhacker.com : Symphony cms - Multiple vulnerabilities JAHx122 - http://www.justanotherhacker.com/advisories/JAHx122.txt...

Joomla! Component com_icagenda - id Multiple Vulnerabilities

Joomla! Component comicagenda - id Multiple Vulnerabilities Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats...

Joomla iCagenda SQL Injection / Path Disclosure

Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . ------------------------------------------------------------------------------ Exploit Title:...

Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities

Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . ------------------------------------------------------------------------------ Exploit Title:...

MyAuth3 - Blind SQL Injection

MyAuth3 - Blind SQL Injection Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdot org | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true exploit ...

MyAuth3 - Blind SQL Injection

Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdot org | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true exploit is needed to dump system pwd...

phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities

Exploit for php platform in category web applications Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities Date: 04/10/2012 Author: L0n3ly-H34rT Contact: email protected My Site: http://se3c.blogspot.com/ Vendor Link: http://sourceforge.net/projects/phpmychat/ Software Link:...

phpMyChat Plus 1.94 RC1 LFI / XSS / RFI / SQL Injection

Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities Date: 04/10/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://sourceforge.net/projects/phpmychat/ Software Link:...

phpMyChat Plus 1.94 RC1 - Multiple Vulnerabilities

phpMyChat Plus 1.94 RC1 - Multiple Vulnerabilities Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities Date: 04/10/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://sourceforge.net/projects/phpmychat/ Software Lin...

Trend Micro Control Manager 5.5 / 6.0 Blind SQL Injection

!/usr/bin/env python Exploit Title: Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection post-auth Disclosure Date: 09/27/2012 Author: otoy @otoyrood & modpr0be @modpr0be Contact: researchatspentera.com Platform: Windows Tested on: Windows 2003 Standard Edition Software Link:...